[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-11065":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":36,"aliases":37,"duplicate_of":9,"upstream":40,"downstream":41,"duplicates":80,"related":81,"reserved_at":9,"published_at":159,"modified_at":160,"state":161,"summary":162,"references_raw":171,"kevs":209,"epss":210,"epss_history":213,"metrics":463,"affected":473},"CVE-2025-11065","A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in security-critical contexts.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-209","Generation of Error Message Containing Sensitive Information","The product generates an error message that includes sensitive information about its environment, users, or associated data.","weakness","Draft","Base","High",[20,24,28,32],{"id":21,"name":22,"techniques":23},"CAPEC-215","Fuzzing for application mapping",[],{"id":25,"name":26,"techniques":27},"CAPEC-463","Padding Oracle Crypto Attack",[],{"id":29,"name":30,"techniques":31},"CAPEC-54","Query System for Information",[],{"id":33,"name":34,"techniques":35},"CAPEC-7","Blind SQL Injection",[],[],[38,39],"GHSA-2464-8j7c-4cjm","GO-2025-3900",[],[42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78],{"_key":43},"SUSE-SU-2026:0777-1",{"_key":45},"SUSE-SU-2025:21137-1",{"_key":47},"SUSE-SU-2025:4121-1",{"_key":49},"SUSE-SU-2025:4444-1",{"_key":51},"SUSE-SU-2025:4446-1",{"_key":53},"SUSE-SU-2025:4457-1",{"_key":55},"SUSE-SU-2025:4479-1",{"_key":57},"SUSE-SU-2025:4458-1",{"_key":59},"SUSE-SU-2025:4482-1",{"_key":61},"OPENSUSE-SU-2025:15610-1",{"_key":63},"OPENSUSE-SU-2025:15631-1",{"_key":65},"OPENSUSE-SU-2025:15724-1",{"_key":67},"OPENSUSE-SU-2025:20073-1",{"_key":69},"OPENSUSE-SU-2025:20117-1",{"_key":71},"OPENSUSE-SU-2026:10232-1",{"_key":73},"OPENSUSE-SU-2026:20386-1",{"_key":75},"SUSE-SU-2026:20904-1",{"_key":77},"DEBIAN-CVE-2025-11065",{"_key":79},"UBUNTU-CVE-2025-11065",[],[82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,101,103,105,107,109,111,113,115,117,119,121,123,125,127,129,131,133,135,137,139,141,143,145,147,149,151,153,155,157],{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":100},"CGA-3VPM-CW8G-RG54",{"_key":102},"CGA-4Q4F-94QF-6MJP",{"_key":104},"CGA-5PC9-V7HR-339H",{"_key":106},"CGA-5PH7-X328-JXVM",{"_key":108},"CGA-5V36-54W6-P693",{"_key":110},"CGA-68FF-V9C9-6P3M",{"_key":112},"CGA-6V7G-PGFJ-9PCH",{"_key":114},"CGA-6V9X-4FPG-QCPM",{"_key":116},"CGA-6XW7-8MXR-F65X",{"_key":118},"CGA-872G-3X57-7F97",{"_key":120},"CGA-8GXH-XJF6-6G44",{"_key":122},"CGA-8PRQ-R647-JM6W",{"_key":124},"CGA-9CC7-9VXJ-99VQ",{"_key":126},"CGA-H2MC-CJRM-PXX6",{"_key":128},"CGA-H6FH-QWGQ-FH98",{"_key":130},"CGA-HJHX-57VJ-83GW",{"_key":132},"CGA-JWV9-P9FH-CXXJ",{"_key":134},"CGA-M2X7-J5RV-J9WF",{"_key":136},"CGA-M3QF-6W64-GQQG",{"_key":138},"CGA-P4C9-WMM4-WQHR",{"_key":140},"CGA-P4FR-J842-FW8C",{"_key":142},"CGA-P78M-XG2J-C2R7",{"_key":144},"CGA-PH8X-4GXJ-82WJ",{"_key":146},"CGA-R2M4-M6CQ-WJM4",{"_key":148},"CGA-R5R8-8VW8-42JG",{"_key":150},"CGA-R8VG-337H-7JRM",{"_key":152},"CGA-R9VR-VQFV-2XW5",{"_key":154},"CGA-WH6F-HGGG-RQ2M",{"_key":156},"CGA-WHP6-GF2Q-W8MF",{"_key":158},"CGA-QJ55-9PJX-F47Q","2026-01-26T19:36:28.900Z","2026-02-03T19:21:17.175Z","Deferred",{"cisa_kev":163,"cisa_ransomware":163,"cisa_vendor":9,"epss_severity":164,"epss_score":165,"severity":166,"severity_score":167,"severity_version":168,"severity_source":169,"severity_vector":170,"severity_status":161},false,"low",0.00009,"medium",5.3,"v3.1","cve.org","CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",[172,181,186,191,196,200,205],{"url":173,"sources":174,"tags":177},"https://access.redhat.com/security/cve/CVE-2025-11065",[169,175,176],"nvd","osv_go",[178,179,180],"VDB Entry","X Refsource REDHAT","WEB",{"url":182,"sources":183,"tags":184},"https://bugzilla.redhat.com/show_bug.cgi?id=2391829",[169,175,176],[185,179,180],"Issue Tracking",{"url":187,"sources":188,"tags":189},"https://github.com/go-viper/mapstructure/commit/742921c9ba2854d27baa64272487fc5075d2c39c",[169,175,176],[180,190],"FIX",{"url":192,"sources":193,"tags":194},"https://github.com/go-viper/mapstructure/security/advisories/GHSA-2464-8j7c-4cjm",[169,175,176],[180,195],"Advisory",{"url":197,"sources":198,"tags":199},"https://nvd.nist.gov/vuln/detail/CVE-2025-11065",[176],[195],{"url":201,"sources":202,"tags":203},"https://github.com/go-viper/mapstructure",[176],[204],"PACKAGE",{"url":206,"sources":207,"tags":208},"https://pkg.go.dev/vuln/GO-2025-3900",[176],[180],[],{"date":211,"score":165,"percentile":212},"2026-06-04",0.01004,[214,218,221,224,227,230,233,236,239,242,245,248,251,254,257,259,262,265,268,271,274,277,280,283,285,288,291,295,298,301,303,305,309,312,315,318,321,324,327,330,333,336,338,341,343,346,349,351,353,355,357,359,361,363,366,369,372,375,378,380,383,386,388,390,392,394,397,400,403,406,408,411,414,417,419,422,425,428,431,433,435,438,440,442,445,448,451,454,457,460],{"date":215,"score":216,"percentile":217},"2026-01-27",0.00011,0.00958,{"date":219,"score":216,"percentile":220},"2026-01-28",0.00957,{"date":222,"score":216,"percentile":223},"2026-01-29",0.00959,{"date":225,"score":216,"percentile":226},"2026-01-30",0.00966,{"date":228,"score":216,"percentile":229},"2026-01-31",0.00974,{"date":231,"score":216,"percentile":232},"2026-02-01",0.0118,{"date":234,"score":216,"percentile":235},"2026-02-02",0.01184,{"date":237,"score":216,"percentile":238},"2026-02-03",0.01192,{"date":240,"score":216,"percentile":241},"2026-02-04",0.01193,{"date":243,"score":216,"percentile":244},"2026-02-05",0.01197,{"date":246,"score":216,"percentile":247},"2026-02-06",0.01216,{"date":249,"score":216,"percentile":250},"2026-02-07",0.01238,{"date":252,"score":216,"percentile":253},"2026-02-08",0.01236,{"date":255,"score":216,"percentile":256},"2026-02-09",0.01233,{"date":258,"score":216,"percentile":256},"2026-02-10",{"date":260,"score":216,"percentile":261},"2026-02-11",0.01313,{"date":263,"score":216,"percentile":264},"2026-02-12",0.01337,{"date":266,"score":216,"percentile":267},"2026-02-13",0.01342,{"date":269,"score":216,"percentile":270},"2026-02-14",0.0137,{"date":272,"score":216,"percentile":273},"2026-02-15",0.01374,{"date":275,"score":216,"percentile":276},"2026-02-16",0.01366,{"date":278,"score":216,"percentile":279},"2026-02-17",0.01351,{"date":281,"score":216,"percentile":282},"2026-02-18",0.0149,{"date":284,"score":216,"percentile":282},"2026-02-19",{"date":286,"score":216,"percentile":287},"2026-02-20",0.01496,{"date":289,"score":216,"percentile":290},"2026-02-21",0.01495,{"date":292,"score":293,"percentile":294},"2026-02-22",0.00007,0.00504,{"date":296,"score":293,"percentile":297},"2026-02-23",0.00499,{"date":299,"score":293,"percentile":300},"2026-02-24",0.00498,{"date":302,"score":293,"percentile":300},"2026-02-25",{"date":304,"score":293,"percentile":300},"2026-02-26",{"date":306,"score":307,"percentile":308},"2026-02-27",0.00008,0.00615,{"date":310,"score":307,"percentile":311},"2026-02-28",0.00618,{"date":313,"score":307,"percentile":314},"2026-03-01",0.00616,{"date":316,"score":307,"percentile":317},"2026-03-02",0.00612,{"date":319,"score":307,"percentile":320},"2026-03-03",0.0062,{"date":322,"score":307,"percentile":323},"2026-03-04",0.00629,{"date":325,"score":307,"percentile":326},"2026-03-05",0.00636,{"date":328,"score":307,"percentile":329},"2026-03-06",0.00633,{"date":331,"score":307,"percentile":332},"2026-03-07",0.00634,{"date":334,"score":307,"percentile":335},"2026-03-08",0.00632,{"date":337,"score":307,"percentile":332},"2026-03-09",{"date":339,"score":307,"percentile":340},"2026-03-10",0.00635,{"date":342,"score":307,"percentile":329},"2026-03-11",{"date":344,"score":307,"percentile":345},"2026-03-12",0.00639,{"date":347,"score":307,"percentile":348},"2026-03-13",0.00637,{"date":350,"score":307,"percentile":326},"2026-03-14",{"date":352,"score":307,"percentile":340},"2026-03-15",{"date":354,"score":307,"percentile":335},"2026-03-16",{"date":356,"score":307,"percentile":329},"2026-03-17",{"date":358,"score":307,"percentile":332},"2026-03-18",{"date":360,"score":307,"percentile":332},"2026-03-19",{"date":362,"score":307,"percentile":332},"2026-03-20",{"date":364,"score":307,"percentile":365},"2026-03-21",0.00683,{"date":367,"score":307,"percentile":368},"2026-03-22",0.0068,{"date":370,"score":307,"percentile":371},"2026-03-23",0.00681,{"date":373,"score":307,"percentile":374},"2026-03-24",0.00679,{"date":376,"score":307,"percentile":377},"2026-03-25",0.00685,{"date":379,"score":307,"percentile":377},"2026-03-26",{"date":381,"score":307,"percentile":382},"2026-03-27",0.00688,{"date":384,"score":307,"percentile":385},"2026-03-28",0.00687,{"date":387,"score":307,"percentile":385},"2026-03-29",{"date":389,"score":307,"percentile":365},"2026-03-30",{"date":391,"score":307,"percentile":365},"2026-03-31",{"date":393,"score":307,"percentile":371},"2026-04-01",{"date":395,"score":307,"percentile":396},"2026-04-02",0.00684,{"date":398,"score":307,"percentile":399},"2026-04-03",0.00676,{"date":401,"score":165,"percentile":402},"2026-04-04",0.00841,{"date":404,"score":165,"percentile":405},"2026-04-05",0.00839,{"date":407,"score":165,"percentile":402},"2026-04-06",{"date":409,"score":165,"percentile":410},"2026-04-07",0.00842,{"date":412,"score":165,"percentile":413},"2026-04-08",0.00847,{"date":415,"score":165,"percentile":416},"2026-04-09",0.00844,{"date":418,"score":165,"percentile":410},"2026-04-10",{"date":420,"score":165,"percentile":421},"2026-04-11",0.00834,{"date":423,"score":165,"percentile":424},"2026-04-12",0.00828,{"date":426,"score":165,"percentile":427},"2026-04-13",0.0083,{"date":429,"score":165,"percentile":430},"2026-04-14",0.00824,{"date":432,"score":165,"percentile":430},"2026-04-15",{"date":434,"score":165,"percentile":424},"2026-04-16",{"date":436,"score":165,"percentile":437},"2026-04-17",0.00829,{"date":439,"score":165,"percentile":421},"2026-04-18",{"date":441,"score":165,"percentile":427},"2026-04-19",{"date":443,"score":165,"percentile":444},"2026-04-20",0.00825,{"date":446,"score":165,"percentile":447},"2026-04-21",0.00879,{"date":449,"score":165,"percentile":450},"2026-04-22",0.00882,{"date":452,"score":165,"percentile":453},"2026-04-23",0.00886,{"date":455,"score":165,"percentile":456},"2026-04-24",0.00881,{"date":458,"score":165,"percentile":459},"2026-04-25",0.00878,{"date":461,"score":165,"percentile":462},"2026-04-26",0.00884,[464,469,471],{"source":169,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":465,"cvss_v4_0":9},{"baseScore":167,"baseSeverity":466,"vectorString":170,"impactScore":467,"exploitabilityScore":468},"MEDIUM",6,4.1,{"source":175,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":470,"cvss_v4_0":9},{"baseScore":167,"baseSeverity":466,"vectorString":170,"impactScore":467,"exploitabilityScore":468},{"source":176,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":472,"cvss_v4_0":9},{"baseScore":167,"baseSeverity":9,"vectorString":170,"impactScore":467,"exploitabilityScore":468},[474,485],{"ecosystem":475,"name":476,"vendor":477,"product":478,"cpe_part":9,"purl_type":479,"purl_namespace":477,"purl_name":478,"source":9,"versions":480},"Go","github.com/go-viper/mapstructure","github.com/go-viper","mapstructure","golang",[481],{"version":482,"is_range":483,"range_type":484,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"all",true,"semver",{"ecosystem":475,"name":486,"vendor":476,"product":487,"cpe_part":9,"purl_type":479,"purl_namespace":476,"purl_name":487,"source":9,"versions":488},"github.com/go-viper/mapstructure/v2","v2",[489],{"version":490,"is_range":483,"range_type":484,"version_start":9,"version_start_type":9,"version_end":491,"version_end_type":492,"fixed_in":9},"lt2_4_0","2.4.0","excluding"]